In this chapter, we discuss managing a penetration test. We cover the following topics:
• Planning a penetration test
• Structuring a penetration testing agreement
• Execution of a penetration test
• Information sharing during a penetration test
• Reporting the results of a penetration test
When it comes to penetration testing, the old adage is true: plan your work, then work your plan.
When planning a penetration test, you will want to take into consideration the type, scope, locations, organization, methodology, and phases of the test.
There are basically three types of penetration testing: white box, black box, and gray box.